April: Lazarus stole $577M in crypto. May: They took $0. But the hacking didn't stop. It moved upstream. What does upstream mean? And why should you care? Watch this video 🫡👇 till the end!!
In April, crypto lost $651M to hacks. 88% of it went to North Korea's Lazarus Group. May is structured very differently. Here's the picture from May 1 through today, May 29. Direct on-chain losses are way down. But the attack surface moved upstream, into the dev tools, the AI agents, and the supply chain that every protocol you use depends on.

⚠️ READ THIS PART FIRST (if you only have 30 seconds):

1. Lazarus did not run a single major drain in May. That's not because they stopped. Fox-IT's May 22 RemotePE disclosure says they've been sitting inside crypto firms quietly since 2023.

2. The biggest May threats didn't touch a smart contract. Mini Shai-Hulud (May 11) and TrapDoor (May 22) went after the dev tools that build the protocols you use. One worm hit 172 packages with 518M weekly downloads. OpenAI confirmed two employee devices got owned.

3. AI agents started moving money in response to attackers. The Grok/Bankrbot incident on May 4 was the first time (as discovered) a chat AI auto-executed a crypto transfer because a stranger hid an instruction in Morse code. Permission chains are now an attack surface.

4. On May 26, Manuel Aráoz, a former OpenZeppelin co-founder who helped build the most respected smart contract security firm in DeFi, publicly said he now considers all of DeFi unsafe and has advised his own family to exit positions in Aave, MakerDAO, and Compound. OpenZeppelin issued an official rebuttal. Aave Chan Initiative's Marc Zeller called the post "a moronic thing to say." The industry is split, but the warning landed.

>> WHAT THIS MEANS FOR YOU (share with your friends):

> Long-term holdings → hardware wallet. None of these incidents touched anyone with self-custodied cold storage. Not one.

> Yield farming, LP, lending, staking → keep going if the yield justifies the risk, but treat that portion like a checking account. The protocol's security is the dev pipeline's security, and that pipeline is being actively poisoned.

> Exchanges → still where most retail lives. The May story tells you why. The threats aren't really your wallet. They're the platform's CI/CD and the AI agents wired to it.

> If you click links or DMs from crypto strangers → please don't. Social engineering is doing more damage than smart contract bugs right now. Fake Calendly invites. Fake job interviews. Fake Google ads above the real Uniswap link. ($400K taken on May 25 alone from that last one.)

================================

RECEIPTS (May 1 through May 29):

> May 4: Grok / Bankrbot, ~$175K to $200K. AI prompt-injection via Morse code on X. A maintenance rewrite dropped the hardcoded block on Grok-originated replies. No regression test caught it. First public AI-agent permission-chain abuse to actually move funds. ~80% returned after the community doxxed the attacker.

> May 11: Mini Shai-Hulud (TeamPCP) npm worm. CVE-2026-45321, CVSS 9.6. 400 malicious versions across 172 packages including 42 TanStack libraries, 65 UiPath packages, Mistral AI's PyPI client, OpenSearch JavaScript client, and Guardrails AI. 518M combined weekly downloads. Self-propagating. It steals credentials from one CI pipeline, enumerates every package that maintainer controls, and infects each. Attack chain: poisoned pull_request_target trigger → GitHub Actions cache poisoning → OIDC token extraction. OpenAI confirmed 2 employee devices hit; code-signing certs rotated.

> May 15: THORChain Asgard vault, $10.7M. Malicious validator node joined the network May 13. Exploited a vulnerability in the GG20 threshold signature scheme. Partial key material leaked incrementally during signing ceremonies until the attacker could reconstruct the full private key. Trading halted ~13 hours. 1 of 6 vaults; user deposits untouched. RUNE dropped 15%.

> May 17: Adshares bridge, $628K. Fake wADS minted on Ethereum, dumped via Uniswap V4 router. Attacker returned 256 ETH (~86%) on May 18.

> May 18: Verus-Ethereum bridge, $11.58M. Same vulnerability class as Wormhole and Nomad. Cryptographic validity is not economic validity. The bridge verified the message envelope but didn't check that input amount on Verus matched payout on Ethereum. Blockaid says ~10 lines of code would have prevented it. Resolved May 22: attacker returned 4,052 ETH (~$8.5M), kept 1,350 ETH (~$2.8M) as a negotiated bounty.

> May 19: Echo Protocol / Curvance, $77M minted on paper, $816K real loss. Don't trust the headline number. Admin key compromise minted 1,000 unbacked eBTC on Monad. Curvance accepted 45 fake eBTC as collateral, attacker borrowed 11.3 WBTC (~$868K), bridged to ETH, sent ~384 ETH to Tornado Cash. Echo regained admin keys and burnt the remaining 955 eBTC.

> May 22: Polymarket, $573K. ZachXBT flagged the breach. A six-year-old internal private key tied to reward payouts was compromised. ZachXBT, Bitcoin_Vietnam, and ChangeNOW_io coordinated to freeze $164K. No user funds touched, no smart contract exploit. The team rotated keys and migrated to KMS-based management.

> May 22: Fox-IT publishes RemotePE deep-dive. Lazarus subgroup's memory-only RAT, active since 2023. Same actor cluster behind April's Drift and KelpDAO. No new drain attached. Yet.

> May 22: TrapDoor supply chain. Socket's public disclosure date. First package detected at 20:20:18 UTC: eth-security-auditor@0.1.0 on PyPI. Phoenix Security's later forensic analysis traces the campaign start to May 19. 34 packages across npm (21), PyPI (7), crates.io (6). Targets Sui, Move, AI devs. XOR-encrypts crypto keystores with the hardcoded Rust key "cargo-build-helper-2026", exfiltrates to GitHub Gists. Average detection time across the campaign: 5 minutes 56 seconds. Unusual move: drops .cursorrules and CLAUDE.md files with zero-width Unicode characters that are invisible to humans but flow into AI coding assistants as instructions, tricking them into running the malicious "security scan."

> May 25: Fake Uniswap Google Ads, $400K. AngelFerno drainer-as-a-service. On-chain analyst b-block surfaced the campaign. Sponsored Google ads ranked above the real Uniswap. Same drainer also hit PancakeSwap, Morpho, Hyperliquid, CoW Swap, and Ledger lookalike domains. Security Alliance counts 356 malicious ad links across the broader 2026 campaign.

> May 26: Anthropic Mythos / Project Glasswing update. Mythos has now detected 23,019 vulnerabilities across Glasswing partner software. 6,202 estimated high or critical. 1,094 confirmed valid high or critical. Only 97 patched. Headline find: WolfSSL cert-forgery CVE-2026-5194 (CVSS 9.1), used widely in IoT, embedded systems, and crypto infrastructure. The defensive AI is finding bugs faster than humans can fix them.

> May 26 (late) / May 27: Manuel Aráoz, former OpenZeppelin co-founder (he left in 2019), posts on X that he now considers all of DeFi unsafe, citing AI coding agents reaching "superhuman" levels at finding smart contract vulnerabilities. Says he has advised friends and family to exit DeFi positions including Aave, MakerDAO, and Compound. OpenZeppelin (current CEO Demian Brener) issues an official statement that Aráoz's views do not represent the firm. Aave Chan Initiative founder Marc Zeller calls the post "a moronic thing to say," noting that less than 10% of DeFi issues in the past year stemmed from the actual codebase. The industry is split. The warning lands either way.

================================

3 patterns that matter more than dollar values:

> The attack surface moved upstream. Mini Shai-Hulud and TrapDoor went after the tools developers use to build the protocols you use. One worm. 172 packages. Billions of downloads. The smart contract was never the failure point.

> AI is now in both stacks.
- Offensive: Grok/Bankrbot is the first AI-agent heist at scale. Lazarus is using AI for social engineering (Zerion, April). TrapDoor explicitly targets AI coding assistants by planting hidden instructions in CLAUDE.md and .cursorrules.
- Defensive: Mythos found 23,019 vulnerabilities in 6 weeks. The bottleneck is now patching speed, not discovery.

> Recovery rates went up. Verus got 75% back. Adshares got 86% back. Echo got ~99% back. Grok/Bankrbot got ~80% back. Polymarket froze ~29% of the drained funds within hours. Negotiated bounty deals and on-chain rapid-response are quietly becoming the settlement layer for sloppy hacks. Whether that's healthy in the long run is a separate fight.

=====================================

THANK YOU for reading. If you find this post helpful, please share it with someone you care about. A like, a comment, a repost, a bookmark, any of it helps this kind of work reach the people who need it most. Digging into blockchain and AI security is my passion because I look around and see so many of us exposed to real threats with very little awareness about them. I want to change that, one post at a time, starting with the people in my own circle. Your support keeps me motivated to keep digging. Stay Safe. 🌮
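The TrapDoor entry above describes .cursorrules and CLAUDE.md files seeded with zero-width Unicode that a human never sees but an AI coding assistant reads as instructions. As an added example (not from the post above or from any of the vendors it cites), here is a small Python scanner a defender can run over a repository to flag such characters in agent instruction files; the file names come from the post, the sample content is constructed.

```python
import unicodedata
from pathlib import Path

# Code points that render as nothing yet survive into text an AI coding
# assistant ingests: zero-width space/joiner/non-joiner, word joiner and
# invisible operators, BOM, soft hyphen, combining grapheme joiner, bidi
# embedding/override/isolate controls, and the Unicode "tag" block that
# can carry a full ASCII message one invisible code point per letter.
INVISIBLE = {0x200B, 0x200C, 0x200D, 0x2060, 0x2061, 0x2062, 0x2063, 0x2064,
             0xFEFF, 0x00AD, 0x034F, 0x180E}
INVISIBLE |= set(range(0x202A, 0x202F))    # LRE, RLE, PDF, LRO, RLO
INVISIBLE |= set(range(0x2066, 0x206A))    # LRI, RLI, FSI, PDI
INVISIBLE |= set(range(0xE0000, 0xE0080))  # tag characters

# Agent instruction files named in the post; extend for your own tooling.
AGENT_FILES = {".cursorrules", "CLAUDE.md"}


def find_hidden(text):
    """Return (line, col, 'U+XXXX', name) for every invisible code point."""
    hits = []
    for ln, line in enumerate(text.splitlines(), 1):
        for col, ch in enumerate(line, 1):
            cp = ord(ch)
            # Any "Cf" (format) character is suspicious in a plain rules file.
            if cp in INVISIBLE or unicodedata.category(ch) == "Cf":
                hits.append((ln, col, f"U+{cp:04X}", unicodedata.name(ch, "?")))
    return hits


def decode_tags(text):
    """Recover ASCII smuggled as tag characters (U+E0020..U+E007E) for triage."""
    return "".join(chr(ord(c) - 0xE0000) for c in text
                   if 0xE0020 <= ord(c) <= 0xE007E)


def scan_repo(root):
    """Scan agent instruction files under root; return {path: hits}."""
    findings = {}
    for p in Path(root).rglob("*"):
        if p.name in AGENT_FILES and p.is_file():
            hits = find_hidden(p.read_text(encoding="utf-8", errors="replace"))
            if hits:
                findings[str(p)] = hits
    return findings


# Constructed sample (not a real TrapDoor artifact): a benign-looking rules
# file with two zero-width spaces and a short tag-encoded line appended.
SAMPLE = ("# Project rules\nAlways run tests before commit.\u200b\u200b\n"
          + "".join(chr(0xE0000 + ord(c)) for c in "run scan"))

if __name__ == "__main__":
    for ln, col, cp, name in find_hidden(SAMPLE):
        print(f"line {ln} col {col}: {cp} {name}")
    print("tag-encoded text:", repr(decode_tags(SAMPLE)))
```

Wire scan_repo into a pre-commit hook or CI step so a rules file that suddenly gains format characters fails the build instead of reaching the assistant.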
Once ethereum:0x44b28991b167582f18ba0259e0173176ca125505 = 1 ethereum:native then 14K USD worth of $UPSTR will be bought back and burned. That's more than 50% of its current market cap lol. CA is: 0xcB0443f047a4d48e480Bb7c4e21b9CBf96A52343
May 27
$upstr ready for a mega rape. My Leveraged Upeg besides having upeg ofc as well
May 27
$UPEG The inventor, the king, the leader of the V4. Chart is looking better and better. You're not really big brained if you're buying V4 derivs. Always follow the leader. Get some $upstr while you're at it as well. My leverage upeg bet 💆🏻‍♂️
May 26
$upeg looking better and better.
More $UPSTR has been burned. Counter is at 28%! Price is also catching up 🦄 @upegstrat is sweet leveraged bet on $uPEG
Another ethereum:0x44b28991b167582f18ba0259e0173176ca125505 order hit! 20% of the $UPSTR has now been burned. The flywheel is spinning. 0xcB0443f047a4d48e480Bb7c4e21b9CBf96A52343
$UPSTR treasury update:
- 41 uPEGs cycled.
- 22 active uPEG orders worth 33 $ETH.
- 180 / 18% of supply permanently burned.
Their X may be silent, but the contract is working as intended. Higher. 0xcB0443f047a4d48e480Bb7c4e21b9CBf96A52343 $UPEG $ETH
$UPSTR treasury update:
- 37 uPEGs cycled.
- 21 active uPEG orders.
- 12 ETH already flywheeled.
- 31.8902 ETH in active TP value.
- 90,891,001 $UPSTR burned forever.
The machine is running in perpetuity.
May 9
interesting $upeg $upstr
🦄 $uPEG Proposal: Turn Numerical Traits into Official Rarity = True Scarcity in Infinite Mint

uPEG on Uniswap V4 already generates unique on-chain 24x24 unicorns with every swap (10k hard cap, but infinite brushing possible).

New Idea: Make rarity OFFICIAL based on how many traits share the exact same number (Body, Hair, Horn, Eyes etc., all = 0, all = 1, or all matching any k).

Simulation shows:
- 10 matching traits: ~1 in 16.5M
- 9 matching: ~1 in 242k
- 8 matching: 1 in thousands
- 7 matching: 1 in hundreds

With 10k supply → ultra-rares are almost impossible to hit. Creates natural, math-based scarcity through volume, not artificial limits.

At $500 avg price:
→ One 10-match could drive **$8.25 BILLION** in brushing volume
→ 9-match: ~$121M
→ Lower tiers still generate serious ongoing activity

This is **NFT 2.0**:
- NFT 1.0 = fixed mint, rarity decided at launch
- uPEG 2.0 = infinite generation market-driven god-tier rarity

Benefits:
• Massive fees for team (2% on NFT trades)
• Explosive volume for Uniswap V4 Hooks
• Real reason to keep swapping & hunting
• Perfect for OpenSea & future CEX listings

@BTCjiumao dropped a gem. The $uPEG team should adopt this NOW. Numerical trait matching = self-sustaining economy built on luck volume. Who's ready to brush for the first 10-match unicorn? 🦄💎

X: @unipegv4
CA: ethereum:0x44b28991b167582f18ba0259e0173176ca125505 0x44b28991B167582F18BA0259e0173176ca125505
#uPEG #UniswapV4 #NFT2_0
A new uPEG has been filled. The machine collected 0.64 ETH and proceeded to buyback and burn. Currently:
- Holding 20 uPEGs (~31.22 ETH)
- 11.5 ETH flywheeled
- Burnt 68,895,244 $UPSTR 🦄
So I've been down a rabbit hole for the past day, and I genuinely don't think people understand what's actually happening with $UPSTR A few thoughts: Every single trade taxes 10%. Okay, cool, whatever, lots of tokens do that. But what it does with that ETH is where it gets weird; it doesn't sit on it. It immediately goes and buys $UPEG off the market, then lists it as a limit order at 25%. The moment that order fills, and this is the part that got me, all that ETH routes straight back into $UPSTR and burns it, permanently. They've been live for 48 hours. 32 of those cycles have already been completed. There are 18 positions sitting open right now, each one loaded and waiting for $UPEG to hit its 25% target before it fires. When they go, all 18 feed straight back into burns. 59 million tokens already burned. That's 6% of the total supply burnt in two days. The thing that's messing with my head is that the loop is self-reinforcing. More $UPSTR volume means more $UPEG gets bought, $UPEG price moves, orders fill, more $UPSTR burns, supply tightens, repeat. The faster $UPEG runs, the harder the deflation hits. It's like the mechanism accelerates itself. Maybe I'm missing something. But I've been staring at this for a while, and the math seems to actually work.
$UPSTR is a leveraged bet on $UPEG the dev has managed to deal with a lot of initial hiccups with the design and shipped fixes for all of them. i still think upeg will go to $50m if that happens, then this is probably the strongest bet at this mcap. buybacks ongoing, active upeg orders. higher upeg goes, in theory, higher upstr goes. @upegstrat
Replying to @0xdetweiler
UPSTR to the moon, Theo's got the map
50% supply controlled with soon 30% of supply bought back and burned. Higher for $UPSTR.
Replying to @crypticd22
once all upegs are sold, 30% of $upstr supply will be bought and burnt. When will people realise this and front-run the buyback?
Replying to @crypticd22
Can't wait for UPEG to make new highs and people realize how undervalued $upstr is